# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: water kappa

# Reference: https://documents.trendmicro.com/assets/pdf/Tech%20Brief_Operation%20Overtrap%20Targets%20Japanese%20Online%20Banking%20Users.pdf
# Reference: https://otx.alienvault.com/pulse/5e68f7e638d16c09fa844701

bank-japanposst.jp
bank-japanpost.com
bank-japanpostjp.com
bank-japanpostpo.jp
japanp0st.jp
jp-bamk.jp
jp-bank-japanossts.jp
safetb-amazon.jp
safety-amazon.jp
security-amazon.jp
ts3cardd.com

# Reference: https://www.trendmicro.com/en_us/research/21/h/cinobi-banking-trojan-targets-users-of-cryptocurrency-exchanges-.html (# water kappa)
# Reference: https://www.trendmicro.com/content/dam/trendmicro/global/en/research/21/h/cinobi-banking-trojan-targets-users-of-cryptocurrency-exchanges-with-new-malvertising-campaign/IOCs-Cinobi%20Banking%20Trojan%20Targets%20Cryptocurrency%20Exchange%20Users%20via%20Malvertising.txt

chirigame.com
getkiplayer.com
magicalgirlonlive.com
supapureigemu.com
5lmt6t4kaymuwvm5.onion
a7q5adiilsjkujxk.onion